package com.psl.services.frame;

import com.psl.Dao.Conn;
import com.psl.model.userlogin;
import org.apache.struts2.ServletActionContext;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class LoginServices {
    public boolean validate(String userID, String password) {
        Connection conn = new Conn().getConn();
        ResultSet rs = null;
        PreparedStatement pstmt = null;
        try {
            pstmt = conn.prepareStatement("SELECT userID,username,password,position_id FROM userlogin WHERE userID=? and password=?");
            pstmt.setString(1, userID);
            pstmt.setString(2, password);
            rs = pstmt.executeQuery();
            if (rs.next()) {
                userlogin userinfo = new userlogin();
                userinfo.setUserID(rs.getString(1));
                userinfo.setUsername(rs.getString(2));
                userinfo.setPassword(rs.getString(3));
                userinfo.setPosition_id(rs.getInt(4));
                HttpSession session = ServletActionContext.getRequest().getSession();
                session.setAttribute("user", userinfo);
                return true;
            } else {
                HttpServletRequest request = ServletActionContext.getRequest();
                if (userID.equalsIgnoreCase("admin") || userID.equalsIgnoreCase("admin888") || userID.equalsIgnoreCase("administrator") ||
                        userID.equalsIgnoreCase("system") || userID.equalsIgnoreCase("root"))
                    request.setAttribute("s", userID + " 账号已被禁用");
                if (userID.equals("")) {
                    request.setAttribute("s", " 请输入用户名");
                }
                if (password.equals("")) {
                    request.setAttribute("s", " 请输入密码");
                }
                if (userID.equals("") && password.equals("")) {
                    request.setAttribute("s", " 请输入用户名和密码");
                }
            }
            return false;
        } catch (SQLException e) {
            e.printStackTrace();

        } finally {
            try {
                if (pstmt != null) {
                    pstmt.close();
                }
                if (rs != null) {
                    rs.close();
                }
                if (conn != null) {
                    conn.close();
                }
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
        return true;
    }

    public boolean cpw(String userID, String password) {
        Connection conn = new Conn().getConn();
        PreparedStatement setStatus = null;
        HttpServletRequest request = ServletActionContext.getRequest();
        try {
            setStatus = conn.prepareStatement("UPDATE userlogin SET password=? WHERE userID=?");
            setStatus.setString(1, password);
            setStatus.setString(2, userID);
            setStatus.executeUpdate();
            request.setAttribute("msg_success", "<script>alert('修改成功，请重新登录生效')</script>");
            return true;
        } catch (SQLException e) {
            e.printStackTrace();
            return false;
        } finally {
            try {
                if (setStatus != null) {
                    setStatus.close();
                }
                if (conn != null) {
                    conn.close();
                }
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
    }
}
